This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Voip capture on a Grandstream GXP2000

0

I want to capture SIP packets from a Grandstream GXP2000. All the tutorials I see is to capture local packets on a local machine, is it possible to capture the data if I know the local ip of the unit and the port used?

asked 06 Apr '13, 10:26

irishbiker's gravatar image

irishbiker
1111
accept rate: 0%


One Answer:

1

If the machine on which you're running Wireshark is on the same Ethernet segment as the phone, and if that segment either uses a hub rather than a switch (note that some devices claim to be hubs but are actually switches) or you can arrange to capture traffic going through the switch from the phone, you should be able to capture traffic going to and from the phone. The Ethernet interface on the machine running Wireshark will have to run in promiscuous mode; use a capture filter such as "host XXX.XXX.XXX.XXX" where "XXX.XXX.XXX.XXX" is the IP address of the phone, or, if you don't want to capture traffic other than SIP traffic, and you know the port being used for SIP, use "host XXX.XXX.XXX.XXX and port PPP", where "PPP" is the port being used.

answered 06 Apr '13, 10:53

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%